Add-on for Microsoft Defender ATP Known As Windows Defender ATP

This TA is an updated version of the Windows Defender ATP Modular Inputs TA (https://splunkbase.splunk.com/app/4128/).

Add-on for Microsoft Defender ATP fetches Windows security centre alerts from the Azure cloud.

Features Added:

1. Supports python2 and python3. The default is python.version=python3.

Note: If your Splunk Enterprise is running a version below 8, Splunk will show the message below (tested in version 7.1.10), but the Add-on works fine:

Invalid key in stanza [microsoft_defender_atp_alerts] in /Applications/splunk_7_1_10/splunk/etc/apps/TA-microsoft-defender/default/inputs.conf, line 4: python.version (value: python3)

I recommend commenting out python.version=python3 in inputs.conf, or using the old TA mentioned at the beginning.

2. Supports multiple inputs. Each input has its own checkpoint. This is useful if a user wants to collect data from multiple tenants or subscriptions.